Jclouds creates Marker Security Group even if user specifies an existing security group name.

[nishanthreddy]

Security Groups(Marker security groups) are getting generated even after specifying existing security group names in EC2TemplateOptions. I'm using the following code snippet to set the security group names:
template.getOptions().as(EC2TemplateOptions.class).securityGroups(group1);

The AWS keys I'm using doesn't have permissions to create a security group. So, I'm unable to launch an instance using jclouds as it is trying to create a marker security group before launching the instance. Is there any work around to prevent creation of marker security group?

I've tested this on jclouds-1.5.7 . Is this fixed in latest builds?

[codefromthecrypt]

there's 2 ways to address this.

1. allow jclouds to create nodes it cannot access by group (the marker group is used for group naming)
2. complete code to use TagApi for group instead of marker security groups.

The first option would ripple disaster through the codebase at least in the short term. The latter is much nicer, provided the service you are using supports tags. Does it? Which service are you using? Does your account allow tagging?

[demobox]

See also https://github.com/jclouds/jclouds/issues/1469. I'm guessing option 2 would help address that too.

[pbryan]

I'd prefer 2 as well, but it was mentioned that tags won't scale beyond 20 instances on AWS. Not sure why (or even if) this is the case.

[jeevanullas]

We would prefer 2, this is a problem with Eucalyptus as well, currently we are chasing a bug in Eucalyptus that gets triggered when the marker group gets created and rules added, https://eucalyptus.atlassian.net/browse/EUCA-5668 , with Eucalyptus 3.3.0 tagging is supported so an alternative could be to group nodes based on a tag.